DevSec/SecOps

Firework is the world's leading immersive "shoppertainment" platform with shoppable video, live streaming commerce, and monetization capabilities powering over 600 direct-to-consumer brands, retailers and media publishers worldwide. Firework enables its customers to create and host native, shoppable video content for engaging product discovery, seamless shopping experiences and ultimately, a deeper emotional connection with consumers. Pandemic-accelerated, Firework has experienced 10x year-over-year growth, bringing TikTok-like interactive video experiences, all by adding just one line of HTML code to customers’ own websites. Our team more than doubled in size in the last 18 months to about 300 people strong in several countries including the US, Japan, India, Poland, Brazil, and Canada with backgrounds in technology, media, and entertainment. At heart, we’re an inspirational and diverse team of creators, entrepreneurs, storytellers, and data geeks driven by the future of video transforming eCommerce. The company has raised over $235M to date, with its latest Series B round led by SoftBank Vision Fund 2.

Summary

Our engineering team is growing! We’re looking for a talented DevSecOps Engineer to join our global team and build secure systems that will shape the future of our cloud infrastructure for our customer-facing and internal systems.

What you'll be doing

• Work across multiple functional teams to assess, design, build and maintain a highly secure cloud infrastructure.
• Having heavy involvement in implementing controls for SOC2, GDPR, ISO27001 compliance and compliance efforts.
• Designing systems and applications which follow security best practices.
• Continuously auditing our cloud infrastructure firewalls, VPCs, and boundaries to ensure the secure best practices are executed.
• Integrate monitoring for defined security metrics. Implement automated alerts when any of the alarms break the threshold.
• Be available on-call to handle any immediate security-related issues.
• Integrate secure solutions for identity and access management role-based access control systems.
• Creating deployments, services, and other resources on Kubernetes clusters.
• Writing Infrastructure-as-Code (IaC) to maintain a portable cloud infrastructure.
• Provide multi-tier levels of support to engineering and non-engineering stakeholders.
• Checking in code to Github repositories and performing code reviews for your fellow team members.

What you should have

• Bachelor’s degree in computer programming, computer science, or a related field.
• 5+ years experience in a DevSecOps, DevOps, or Site Reliability Engineer role. Mix of consumer technology and SaaS technology is ideal.
• Understanding of good security best practices and experience implementing them within production systems.
• Working with and maintaining production experience with Kubernetes and/or Docker deployments and services.
• Able to write Bash and/or Python scripts.
• Ability to own and be responsible for the projects you will be working on.

We'll be excited if you have

• Experience working with AWS cloud infrastructure and their various services.
• Fluent in Terraform/Terragrunt and writing Infrastructure as Code (IaC).
• Experience and thorough understanding of the Linux operating systems.
• Experience with high-traffic monitoring systems. Implementing logging (Grafana/Prometheus), telemetry (New Relic), and tracing is ideal.
• Experience working with SQL and NoSQL databases.
• Excellent eye for security and creating bulletproof secure systems.
• Excellent and effective verbal, written, interpersonal communication skills.
• Comfortable with fast-paced change: ability to demonstrate comfort with ambiguity, adapt quickly and be effective in new situations in a highly dynamic setting.
• Data-driven but also imaginative and intuitive in coming up with ideas and solutions.
• Proven ability to balance multiple priorities in a collaborative team environment.

The role may be hybrid in one of our offices or remote. For remote, we are looking for candidates based in the United States or Canada.

Don’t hold back

We understand some candidates may see the above and not apply because they don’t meet all the qualifications. We encourage you to apply anyway; we often find talented candidates that fit many other opportunities we have and look for potential too, not just what you did in the past.  As an equal employment opportunity employer, we are a diverse team that strives for an inclusive environment for all. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, age, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.